$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/577/APWjXatzbJLAfwbrtYHXntqzwD0.roa File: APWjXatzbJLAfwbrtYHXntqzwD0.roa (raw, json) Hash identifier: cDMFDK1CrbmMoFyUnAN8TgeCVh29aMbPvoZ3T5L/dQk= Subject key identifier: 00:F5:A3:5D:AB:73:6C:92:C0:7F:06:EB:B5:81:D7:9E:DA:B3:C0:3D Certificate issuer: /CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Certificate serial: 1479 Authority key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/APWjXatzbJLAfwbrtYHXntqzwD0.roa Signing time: Wed 11 Sep 2024 02:23:21 +0000 ROA not before: Wed 11 Sep 2024 02:23:21 +0000 ROA not after: Fri 31 Jan 2025 01:13:46 +0000 asID: 139259 IP address blocks: 103.221.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 22 Nov 2024 23:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5241 (0x1479) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85 Validity Not Before: Sep 11 02:23:21 2024 GMT Not After : Jan 31 01:13:46 2025 GMT Subject: CN=00F5A35DAB736C92C07F06EBB581D79EDAB3C03D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1d:8c:e7:d5:a4:06:5d:88:86:af:f7:cc:fc: 71:f5:fd:95:b0:94:10:af:b5:77:96:a5:d9:e8:5d: 42:f5:8f:31:c6:08:23:a8:50:c2:b4:aa:1e:52:5e: 71:d5:0a:6f:1c:51:bd:6c:91:3f:c5:4d:fb:68:d0: 3e:5f:8a:9f:66:d5:2c:be:7b:b6:66:46:68:4a:cc: 7a:34:6b:7a:03:b5:1b:f2:96:88:d7:1d:11:5c:3a: 0e:ba:4e:d9:69:70:7c:d3:b3:71:ff:e6:a2:2f:de: e6:a5:09:47:c9:80:bc:28:d4:34:d1:93:b2:47:57: ad:bf:8b:19:1c:86:9b:6f:77:1b:7d:7a:91:1b:cd: b4:ab:e6:25:1e:6a:61:51:5b:21:52:15:ab:bb:4c: d1:f6:98:74:4e:56:5b:84:c9:25:80:27:eb:4c:24: 94:93:ca:d1:06:0c:8d:19:5a:66:27:d3:c8:96:cc: ac:b8:76:d7:f9:88:3a:38:b5:5e:92:dc:1d:92:87: df:c2:eb:55:e9:b1:1c:34:b1:7b:1c:47:a3:77:2b: 7b:53:f7:b4:b8:05:1e:fb:16:2c:d2:a1:91:f5:37: 4e:1f:9e:02:ea:bf:50:43:2e:40:1e:f6:b8:02:8d: 42:6a:db:22:7c:c2:bf:e8:5d:67:18:b6:05:a8:e7: ef:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:F5:A3:5D:AB:73:6C:92:C0:7F:06:EB:B5:81:D7:9E:DA:B3:C0:3D X509v3 Authority Key Identifier: keyid:75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/APWjXatzbJLAfwbrtYHXntqzwD0.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.221.44.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:a3:51:a5:be:f2:e7:bb:3a:ce:20:58:b8:2e:fa:45:42:1a: ed:3a:9d:ae:a5:6f:8b:33:65:90:fb:e4:bc:f6:6b:82:a6:68: 5f:13:c5:87:74:2d:66:9e:a5:53:48:73:cd:84:9f:d9:ad:c1: 9e:45:f9:83:8f:4c:e9:2f:15:52:eb:f4:45:af:38:b0:dd:06: 75:97:e8:ad:db:0f:69:95:1b:1d:86:79:fd:6c:51:cf:49:97: 94:e9:3a:f6:ad:f0:a7:06:c2:4b:c0:e3:cf:49:49:87:f5:db: 43:69:84:9b:29:76:92:c6:52:cd:aa:c5:d9:29:5d:35:47:f8: 30:05:c6:ac:3e:66:0a:ff:f3:ee:05:dd:92:da:bc:9c:7e:52: 32:51:5d:b1:4b:59:27:ed:90:b4:4e:9c:8f:23:9c:bb:1c:cb: bd:3d:1c:02:5f:f8:9b:66:76:35:08:45:9f:14:75:a8:f3:b1: b0:33:21:93:ec:dd:f5:7a:2b:fc:3a:72:06:37:e1:ca:31:db: e8:be:a2:2c:03:56:a8:c0:69:56:e7:f5:47:f2:98:3d:67:1f: 47:c8:21:5a:cc:e5:2d:95:0e:4a:48:fe:2a:0a:0e:8b:d5:12: 8b:eb:be:07:6a:f6:17:c6:42:08:ee:eb:d4:38:27:6d:e8:b2: bb:dd:7f:74 -----BEGIN CERTIFICATE----- MIIE1TCCA72gAwIBAgICFHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC NDcxNEM0RjYxQkVBMDRBMDJDRjlDRjU2M0FFMTM0RjQ3OUM4NTAeFw0yNDA5MTEw MjIzMjFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDAwRjVBMzVEQUI3MzZD OTJDMDdGMDZFQkI1ODFENzlFREFCM0MwM0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC7HYzn1aQGXYiGr/fM/HH1/ZWwlBCvtXeWpdnoXUL1jzHGCCOo UMK0qh5SXnHVCm8cUb1skT/FTfto0D5fip9m1Sy+e7ZmRmhKzHo0a3oDtRvylojX HRFcOg66TtlpcHzTs3H/5qIv3ualCUfJgLwo1DTRk7JHV62/ixkchptvdxt9epEb zbSr5iUeamFRWyFSFau7TNH2mHROVluEySWAJ+tMJJSTytEGDI0ZWmYn08iWzKy4 dtf5iDo4tV6S3B2Sh9/C61XpsRw0sXscR6N3K3tT97S4BR77FizSoZH1N04fngLq v1BDLkAe9rgCjUJq2yJ8wr/oXWcYtgWo5++BAgMBAAGjggHxMIIB7TAdBgNVHQ4E FgQUAPWjXatzbJLAfwbrtYHXntqzwD0wHwYDVR0jBBgwFoAUdbRxTE9hvqBKAs+c 9WOuE09HnIUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3 L2RiUnhURTlodnFCS0FzLWM5V091RTA5SG5JVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTc3L0FQV2pYYXR6YkpMQWZ3 YnJ0WUhYbnRxendEMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJn3SwwDQYJKoZIhvcNAQELBQADggEBAAyjUaW+8ue7Os4gWLgu+kVCGu06na6l b4szZZD75Lz2a4KmaF8TxYd0LWaepVNIc82En9mtwZ5F+YOPTOkvFVLr9EWvOLDd BnWX6K3bD2mVGx2Gef1sUc9Jl5TpOvat8KcGwkvA489JSYf120NphJspdpLGUs2q xdkpXTVH+DAFxqw+Zgr/8+4F3ZLavJx+UjJRXbFLWSftkLROnI8jnLscy709HAJf +JtmdjUIRZ8UdajzsbAzIZPs3fV6K/w6cgY34cox2+i+oiwDVqjAaVbn9UfymD1n H0fIIVrM5S2VDkpI/ioKDovVEovrvgdq9hfGQgju69Q4J23osrvdf3Q= -----END CERTIFICATE-----Generated at Fri Nov 22 21:14:13 2024 by rpki-client on console-fra.rpki-client.org